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DETAILED ACTION 

1. This action is in response to amendment filed 9/19/2007. Claims 1-4, 18-21, 
32-35, 44 and 45 were amended. New claims 46 and 47 were added. Claims 1-47 are 
pending. Applicant's arguments/ amendments with respect to the claims have been 
fully considered but they are not persuasive. The Examiner would like to point out that 
this action is made final (See MPEP 706.07a). 

Claim Objections 

2. Corrections to the claims were received 9/19/2007, previous claim objection have 
been withdrawn. 



Claim Rejections - 35 USC § 101 

3. regarding Applicant's argument that Claim 44 is now statutory due to the 
amendments, Examiner respectfully disagrees and would like to point out that in the 
specification page 25, it states "common forms of computer-readable media include, for 
example, a floppy disk, a flexible disk, hard disk, magnetic tape, or any other magnetic 
medium, a CD-ROM, any other optical medium, punchcards, papertape, any other 
physical medium with patterns of holes, a RAM, a PROM, and EPROM, a FLASH- 
EPROM, any other memory chip or cartridge, a carrier wave as described hereinafter, 
or any other medium from which a computer can read". Previous 101 rejection is 
maintained. 
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Response to Arguments 

4. Applicant's arguments with respect to the claims have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 (JSC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

5. As per claim 44, when a nonfunctional descriptive material is recorded on some 
computer-readable medium, in a computer or on an electromagnetic carrier signal 
(Specification page 25 Paragraph 116, lines 5-6), it is not statutory since no requisite 
functionality is present to satisfy the practical application requirement. Merely claiming 
nonfunctional descriptive material, i.e. abstract ideas, stored in a computer readable 
medium, in a computer, on an electromagnetic carrier signal does not make it statutory. 
See Diehr, 450 U.S. at 185-86, 209 USPQ. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 1-41 and 43-47 are rejected under 35 U.S.C. 103(a) as being 

unpatentable over Silva et al. (US 6,615,347) in view of England et al. (20070174921). 

As per claim 1 de Silva discloses: receiving a first security certificate associated 
with the sender and storing the first security certificate in a location accessible to the 
receiver (Column 3, Lines 58-Column 4, Lines 10); updating the first security certificate 
when the location accessible to the receiver if the first security certificate is changed or 
revoked (Column 6, Lines 10-34); receiving a second security certificate from the 
sender when identity of the sender needs to be verified (Column 6, Lines 35-40). De 
Silva does not explicitly teach: comparing in memory a binary representation of the 
entire second security certificate to a binary representation of the entire first security 
certificate; and confirming the sender's identity only when the binary representation of 
the second security certificate matches the binary representation of the first security 
certificate for the sender. However, England et al. discloses: comparing in memory a 
binary representation of the entire second security certificate to a binary representation 
of the entire first security certificate (0158); and confirming the sender's identity only 
when the binary representation of the second security certificate matches the binary 
representation of the first security certificate for the sender (01 58). Therefore it would 
have been obvious to one with ordinary skill in the art at the time the invention was 
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made to use the teachings of England in conjunction with the teachings of De Silva for 
the benefit of trusted application upgrade (0039) 

As per claim 18 de Silva discloses: copying a first security certificate associated 
with the client to a location accessible to the server (Column 3, Lines 58-Column 4, 
Lines 10); updating the first security certificate in the location accessible to the server 
when the first certificate is changed or revoked (Column 7, Lines 6-30); receiving a 
second security certificate from the client when identity of the client needs to be verified 
(Column 6, Lines 35-40). De Silva does not explicitly teach: comparing in memory a 
binary representation of the entire second security certificate to a binary representation 
of the entire first security certificate without parsing of data fields contained within either 
the first or second security certificate; and confirming the sender's identity only when the 
binary representation of the second security certificate matches the binary 
representation of the first security certificate for the sender. However, England et al. 
discloses: comparing in memory a binary representation of the entire second security 
certificate to a binary representation of the entire first security certificate without parsing 
of data fields contained within either the first or second security certificate (0158); and 
confirming the sender's identity only when the binary representation of the second 
security certificate matches the binary representation of the first security certificate for 
the sender (0158). Therefore it would have been obvious to one with ordinary skill in 
the art at the time the invention was made to use the teachings of England in 
conjunction with the teachings of De Silva for the benefit of trusted application upgrade 
(0039) 



Application/Control Number: Page 6 

10/660,413 

Art Unit: 2131 

As per claim 32 de Silva discloses: receiving a first security certificate associated 
with the server and storing the first security certificate in a location accessible to the 
client (Column 3, Lines 58-Column 4, Lines 10); updating the first security certificate in 
the location accessible to the client when the first security certificate is changed or 
revoked (Column 7, Lines 6-30); receiving a second security certificate from the server 
when identity of the server needs to be verified (Column 6, Lines 35-40). De Silva does 
not explicitly teach: comparing in memory a binary representation of the entire second 
security certificate to a binary representation of the entire first security certificate without 
parsing of data fields contained within either the first or second security certificate; and 
confirming the sender's identity only when the binary representation of the second 
security certificate matches the binary representation of the first security certificate for 
the sender. However, England et al. discloses: comparing in memory a binary 
representation of the entire second security certificate to a binary representation of the 
entire first security certificate without parsing of data fields contained within either the 
first or second security certificate (0158); and confirming the sender's identity only when 
the binary representation of the second security certificate matches the binary 
representation of the first security certificate for the sender (01 58). Therefore it would 
have been obvious to one with ordinary skill in the art at the time the invention was 
made to use the teachings of England in conjunction with the teachings of De Silva for 
the benefit of trusted application upgrade (0039) 

As per claim 44, de Silva discloses: receiving a first security certificate 
associated with the sender and storing the first security certificate in a location 
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accessible to the receiver (Column 3, Lines 58-Column 4, Lines 10); updating the first 
security certificate when the location accessible to the receiver if the first security 
certificate is changed or revoked (Column 6, Lines 10-34); receiving a second security 
certificate from the sender when identity of the sender needs to be verified (Column 6, 
Lines 35-40). De Silva does not explicitly teach: comparing in memory a binary 
representation of the entire second security certificate to a binary representation of the 
entire first security certificate; and confirming the sender's identity only when the binary 
representation of the second security certificate matches the binary representation of 
the first security certificate for the sender. However, England et al. discloses: 
comparing in memory a binary representation of the entire second security certificate to 
a binary representation of the entire first security certificate (0158); and confirming the 
sender's identity only when the binary representation of the second security certificate 
matches the binary representation of the first security certificate for the sender (0158). 
Therefore it would have been obvious to one with ordinary skill in the art at the time the 
invention was made to use the teachings of England in conjunction with the teachings of 
De Silva for the benefit of trusted application upgrade (0039) 

As per claim 45, de Silva discloses: receiving a first security certificate 
associated with the sender and storing the first security certificate in a location 
accessible to a receiver (Column 3, Lines 58-Column 4, Lines 10); updating the first 
security certificate in the location accessible to the receiver when the first security 
certificate is changed or revoked (Column 7, Lines 6-30); receiving a second security 
certificate from the sender when identity of the sender needs to be verified (Column 6, 
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Lines 35-40 De Silva does not explicitly teach: comparing in memory a binary 
representation of the entire second security certificate to a binary representation of the 
entire first security certificate; and confirming the sender's identity only when the binary 
representation of the second security certificate matches the binary representation of 
the first security certificate for the sender. However, England et al. discloses: 
comparing in memory a binary representation of the entire second security certificate to 
a binary representation of the entire first security certificate (0158); and confirming the 
sender's identity only when the binary representation of the second security certificate 
matches the binary representation of the first security certificate for the sender (0158). 
Therefore it would have been obvious to one with ordinary skill in the art at the time the 
invention was made to use the teachings of England in conjunction with the teachings of 
De Silva for the benefit of trusted application upgrade (0039) 



As per claim 2, 19 and 33, rejected as applied to claim 1,18 and 32. 
Furthermore de Silva discloses: removing the first certificate from the location 
accessible to the receiver when the first certificate is revoked (Column 7, Lines 6-30); 
and replacing the first certificate in the location accessible to the receiver if the first 
certificate is changed (Column 7, Lines 61-63). 

As per claim 3, 20 and 34, rejected as applied to claims 2, 19 and 33. 
Furthermore, de Silva discloses: the removing step is performed when the first 
certificate is known to have been revoked for a reason selected from the group 
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consisting of expiration of the certificate, change of certificate authority, and 
compromise of the certificate (Column 5, Lines 25-32). 

As per claims 4, 21 and 35, rejected as applied to claims 2, 19 and 33. 
Furthermore, de Silva discloses: wherein the replacing step is performed when the first 
certificate is known to have been changed for a reason selected from the group 
consisting of expiration of the certificate, change of certificate authority, and 
compromise of the certificate (Column 5, Lines 25-32). 

As per claim 5, rejected as applied to claim 1 . Furthermore, de Silva discloses: 
storing the first security certificate in a directory service (Column 3, Lines 51-55). 

As per claim 6 and 22, rejected as applied to claims 5 and 18. Furthermore, de 
Silva discloses: wherein the directory service is a Lightweight Directory 
Access Protocol directory (Column 3, lines 51-55). 

As per claims 7 and 23, rejected as applied to claims 1 and 18. Furthermore, de 
Silva discloses: wherein the first certificate is known to have been granted by 
a certificate authority (Column 3, Lines 50-51). 

As per claims 8 and 24, rejected as applied to claims 1 and 18. Furthermore, de 
Silva discloses: wherein the first certificate is known to have been obtained 
in a trusted domain (Column 3, Lines 50-51). 

As per claim 9, 26 and 36, rejected as applied to claims 1,18 and 32. 
Furthermore, de Silva discloses: herein the step of comparing the first certificate and 
second certificate comprises comparing a computer memory representation of each 
certificate (Column 9, Lines 10-25). 
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As per claim 10, rejected as applied to claim 1 . Furthermore, de Silva discloses: 
wherein the sender is a client and the receiver is a server (Column 4, Lines 33-51). 

As per claims 11, 25 and 37, rejected as applied to claims 10, 18 and 32. 
Furthermore, de Silva discloses: herein the receiver is an authentication, authorization, 
and accounting server (Column 4, Lines 33-51). 

As per claim 12, rejected as applied to claim 1 . Furthermore de Silva discloses: 
wherein the sender is a server and the receiver is a client (Column 4, Lines 33-51). 

As per claim 13, 27 and 38, rejected as applied to claims 1, 18 and 32. 
Furthermore, de Silva discloses: wherein the communication between the sender and 
receiver is in a protocol that requires the inclusion of a digital certificate (Column 4, 
Lines 55-65). 

As per claims 14, 28 and 39, rejected as applied to claims 13, 27 and 28. 
Furthermore, de Silva discloses: wherein the protocol is selected from the group 
consisting of the Extensible Authentication Protocol and Transport Level Security 
protocol, the Protected Extensible Authentication Protocol, and the Tunneled Transport 
Level Security protocol (Column 4, Lines 55-65). 

As per claims 15, 29 and 40, rejected as applied to claims 1,18 and 32. 
Furthermore, de Silva discloses: the second certificate is known to have been signed 
by a certificate authority (Column 3, Lines 50-51 and Column 1, Lines 40-55, Column 2, 
Lines 13-26). 

As per claims 16, 30 and 41, rejected as applied to claims 15, 29 and 40. 
Furthermore, de Silva discloses: decrypting the second certificate using a public key 
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associated with the certificate authority, whereby the receiver verifies that the certificate 
authority has signed the second certificate (Column 1, Lines 52-60). 

As per claims 17, 31 and 43, rejected as applied to claims 1,18 and 43. 
Furthermore, de Silva discloses: receiving a message encrypted with the sender's 
private key; and decrypting the message using the sender's public key (Column 3, Lines 
35-50). 

As per claim 46, rejected as applied to claim 45. Furthermore, England et al. 
discloses: comparing an occupied length in memory of the first security certificate to an 
occupied length in memory of the second security certificate before the confirming of the 
sender' s identity (01 58). 

As per claim 47, rejected as applied to claim 45. Furthermore, England et al. 
discloses: comparing is performed without parsing of data fields contained within either 
the first or second security certificates (0158). 

7. Claim 42 is rejected under 35 U.S.C. 103(a) as being unpatentable over de Silva 
et al. (US 6,615,347) in view of England etal. (20070174921) in further view of Fe eta. 
(US 20030037234). 

As per claim 42, rejected as applied to claim 32. The combined references De 
Silva and England et al. do not explicitly teach wherein the server is one of a plurality of 
load balanced servers and each server of the plurality of load balanced servers has an 
identical security certificate, whereby the client need not know to which of the plurality of 
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servers it is attached. However, Fu et al. discloses: wherein the server is one of a 
plurality of load balanced servers and each server of the plurality of load balanced 
servers has an identical security certificate, whereby the client need not know to which 
of the plurality of servers it is attached (0046). Therefore, it would have been obvious to 
one with ordinary skill in the art at the time the invention was made to use the teachings 
of Fu et al. in conjunction with the combined teachings of De Silva and England et al. 
for the benefit of greater scalability (0012). 



Conclusion 

8. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Saoussen Besrour whose telephone number is 571-272- 
6547. The examiner can normally be reached on M-F 8:30am to 5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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